跳转到主内容

如何在ONTAP 9中将卷的安全模式从UNIX更改为NTFS

Views:
27
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

适用场景

ONTAP 9

问题描述

本文包含有关修改现有卷/qtree的安全模式以及将NTFS权限传播到 ONTAP 9中的子文件夹和文件的说明

操作步骤

  1. 将卷或qtree的安全模式修改为NTFS:

::> volume modify -vserver vserver_name -volume -security-style ntfs

  •     更改安全模式后、卷的根目录将会更新
    示例

    Cluster::> vserver security file-directory show -vserver Vs1 -path  /vol1

             Vserver: Vs1
            File Path: /vol1
        File Inode Number: 96
         Security Style: ntfs
         Effective Style: ntfs
         DOS Attributes: 10
     DOS Attributes in Text: ----D---
    Expanded Dos Attributes: -
          UNIX User Id: 0
          UNIX Group Id: 0
         UNIX Mode Bits: 777
     UNIX Mode Bits in Text: rwxrwxrwx
              ACLs: NTFS Security Descriptor
                 Control:0x8004
                 Owner:BUILTIN\Administrators
                 Group:BUILTIN\Administrators
                 DACL - ACEs
                  ALLOW-Everyone-0x1f01ff-(Inherited)
                  ALLOW-Everyone-0x10000000-OI|CI|IO (Inherited)

  • 对任何子对象所做的唯一更改是安全模式
    示例

    Cluster::> vserver security file-directory show -vserver Vs1 -path  /vol1/new.txt

             Vserver: Vs1
            File Path: /vol1/new.txt
        File Inode Number: 102
         Security Style: ntfs
         Effective Style: unix
         DOS Attributes: 20
     DOS Attributes in Text: ---A----
    Expanded Dos Attributes: -
          UNIX User Id: 0
          UNIX Group Id: 1
         UNIX Mode Bits: 777
     UNIX Mode Bits in Text: rwxrwxrwx
              ACLs: -

  1. 在Windows端执行以下步骤、将DACL信息传播到子文件夹和文件。
  • 从窗口访问共享、然后导航到 "属性"下的"安全"选项卡中的"高级"选项
  • 单击所有者旁边的"更改"、选择适当的用户
  • 单击"将所有子对象权限条目替换为此对象的可继承权限条目"选项、然后单击 应用

注意: 您可以根据需要在父文件夹上添加/删除DACL、然后再单击上面的选项。

clipboard_e24a4389b7b57c5c1cea300657c50907c.png

  • 此过程完成后、所有子对象现在都将NTFS显示为有效安全模式、并应用NTFS ACL
  • 在此过程完成之前、ONTAP将强制实施UNIX权限

 

使用该服务

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.